Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

DDOS 100

DDOS Phishing Government Hacking 100

Heimadal Security

OCTOBER 19, 2021

Two malicious accounts used by threat actors in a seemingly North Korean cyber-espionage campaign were suspended by Twitter. The ones who initially discovered this campaign that is still developing were the TAG […].

Accountability 79

Accountability Malware Cybersecurity 79

Security Affairs

MARCH 9, 2022

The campaign took place in February and Google Threat Analysis Group (TAG) team was not able to link it to the ongoing invasion of Ukraine. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. government. government.

Government 96

Government Phishing DDOS Hacking 96

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 103

Spyware Cyber Insurance Hacking Advertising 103

CyberSecurity Insiders

APRIL 5, 2023

According to a study conducted by se-curity firm Mandiant, the group has been in operation since 2018 and has now been tasked with carrying out both espionage and financially motivated attacks such as credential harvesting and social engineering.

Hacking 105

Hacking Social Engineering Cryptocurrency Healthcare 105

Security Affairs

MARCH 31, 2021

Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. ” reads the post published by Google TAG. The cyberspies used fake Twitter and LinkedIn social media accounts to get in contact with the victims.

Media 101

Media Antivirus Accountability Internet 101

Security Affairs

MAY 23, 2022

Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian Economic Chamber (involved in government decision-making such as economic sanctions) and NATO’s eLearning platform JDAL (Joint Advanced Distributed Learning).

Government 122

Government Hacking Cybersecurity Information Security 122

Security Affairs

JANUARY 29, 2021

Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. Researchers from Microsoft monitored a cyber espionage campaign aimed at vulnerability researchers and attributed the attacks to North Korea-linked Zinc APT group.

Malware 121

Malware Antivirus Hacking Accountability 121

Security Affairs

NOVEMBER 28, 2021

North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. Google TAG researchers reported that the same group, tracked as Zinc ,” also targeted security researchers in past campaigns.

Malware 131

Malware Phishing Antivirus Hacking 131

Security Affairs

APRIL 9, 2022

The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka TAG-38. “The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence-gathering opportunities.

Hacking 92

Hacking Technology Cybersecurity Information Security 92

CyberSecurity Insiders

SEPTEMBER 13, 2021

Apple Inc has proudly announced that it has issued a fix to the famous Pegasus Spyware vulnerability existing on iPhones that could lead remote hackers to take control of the device to conduct espionage.

Spyware 139

Spyware Manufacturing Engineering Malware 139

CyberSecurity Insiders

APRIL 20, 2023

It is still unclear whether the company plans to introduce a separate insurance cover with a title tag and an extra premium to bring such attacks under special cover. As of now, it offers a standard policy under which a company needs to follow all security procedures to be covered under the attack.

Insurance 52

Insurance Cyber Attacks Cyber Insurance Financial Services 52

Security Affairs

NOVEMBER 15, 2021

In March, researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. Experts pointed out that the domain was involved in a past campaign carried out by the APT group and aimed at security professionals.

Cybersecurity 109

Cybersecurity Engineering Software Malware 109

Security Affairs

JANUARY 21, 2024

CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082 The Quantum Computing Cryptopocalypse – I’ll Know It When I See It Kansas State University suffered a serious cybersecurity incident CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog Google TAG warns that Russian COLDRIVER APT is using a custom backdoor (..)

Artificial Intelligence 105

Artificial Intelligence VPN Hacking Firewall 105

SecureWorld News

OCTOBER 19, 2021

One notorious hacking group from Iran uses particularly dirty schemes to fleece users, according to Google's Threat Analysis Group (TAG). According to Google’s TAG blog, APT35 have been active since at least 2017, including attacks on the 2020 U.S. Read Google's official TAG blog to learn more about the technical details.

Phishing 69

Phishing Authentication Social Engineering Government 69

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Spyware 96

Spyware Hacking Data breaches Mobile 96

SecureWorld News

FEBRUARY 25, 2022

The offensive volunteer unit Aushev said he is organizing would help Ukraine's military conduct digital espionage operations against invading Russian forces.". Follow SecureWorld News to stay up to date on the latest developments in Ukraine (using the Russia-Ukraine tag below).

Government 71

Government Hacking Cybersecurity Technology 71

Security Affairs

JUNE 11, 2020

Dark Basin is a group of cyber mercenaries that conducted commercial espionage for its customers, the researchers from Citizen Lab linked it to BellTroX InfoTech Services (“ BellTroX ”), an Indian technology company. ” reads the report published by Citizen Lab. ” reads the report published by Citizen Lab.

Hacking 99

Hacking Phishing Accountability Media 99

Security Affairs

JANUARY 9, 2023

In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. recently uncovered a cyber espionage campaign targeting at least three European NGOs investigating war crimes. Cybersecurity firm SEKOIA.IO ” reads the report.

Phishing 87

Phishing Hacking Cybersecurity Passwords 87

Security Affairs

MAY 9, 2022

The attacks were also reported by Google’s TAG team, which confirmed they were for intelligence purposes. By using summit- and conference-themed lures in Asia and Europe, this attacker aims to gain as much long-term access as possible to conduct espionage and information theft.” Asia and pseudo allies such as Russia.

Government 86

Government Malware Phishing Hacking 86

Security Affairs

AUGUST 6, 2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug Russian APT29 conducts phishing attacks through Microsoft Teams Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign Burger King forgets to put a password (..)

Malware 87

Malware Cybercrime Cryptocurrency Social Engineering 87

CyberSecurity Insiders

MAY 7, 2021

Nation states represent a significant, persistent cyber espionage and attack threat to our military and critical infrastructure systems,” said John Loucaides, VP Federal Technology at Eclypsium. “As Eclypsium’s technology provides comprehensive device visibility and defends against vulnerabilities and threats hidden within devices.

Firmware 52

Firmware Small Business Threat Detection Technology 52

Pen Test Partners

JANUARY 8, 2024

Intelligence, espionage, technological advancements and other learnings from our annual company conference at the historic and underappreciated Latimer House. Intelligence, espionage, and technological advancements During our event my colleagues gave talks on a wide range of subjects. Loose lips sink ships, loose tweets sink fleets.

Computers and Electronics 113

Computers and Electronics Risk Technology Manufacturing 113

Security Affairs

JUNE 6, 2019

The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers (C&C). The embedded data is encoded with two steganography techniques and placed inside the <–1234567890> tag (see below). ” continues the analysis.

Encryption 73

Encryption Government Advertising Cyber Attacks 73

SecureWorld News

OCTOBER 30, 2023

The catch was that the document contained a function to transform these gibberish-looking symbols into hexadecimal values that denoted specific JavaScript tags. These details can be weaponized to orchestrate business email compromise (BEC) swindles, industrial espionage plots, and malware attacks.

Phishing 93

Phishing Scams Passwords Wireless 93

SecureList

DECEMBER 23, 2020

Was this just espionage or did you observe destructive activities, such as ransomware? While the vast majority of the high-profile incidents nowadays include ransomware or some sort of destructive payload (see NotPetya, Wannacry) in this case, it would appear the main goal was espionage. That’s a good question!

Malware 57

Malware Telecommunications DNS Government 57

McAfee

APRIL 20, 2021

While prior emulated groups were more focused on espionage, the ATT&CK Evaluations team chose to emulate Carbanak and FIN7 due to the wide range of industries these groups target for financial gain. This was possible due to McAfee’s strong correlation and having all telemetry tagged and labeled as close to the source as possible. .

Threat Detection 90

Threat Detection Cybersecurity Government Network Security 90

Security Affairs

JUNE 6, 2019

APT34 conducts cyber espionage on behalf of Iran. The attacker used an old version of Microsoft.Exchange.WebService.dll tagged as 15.0.0.0 Iran seeks to diminish the capabilities of other regional powers to create leverage and better establish itself. which according to Microsoft documentation dates back to 2012.

Computers and Electronics 84

Computers and Electronics Penetration Testing DNS Passwords 84

SecureList

DECEMBER 18, 2020

Was this just espionage or did you observe destructive activities, such as ransomware? While the vast majority of the high-profile incidents nowadays include ransomware or some sort of destructive payload (see NotPetya, Wannacry) in this case, it would appear the main goal was espionage. That’s a good question!

DNS 74

DNS Telecommunications Malware Encryption 74

Threatpost

APRIL 23, 2020

Iran's Charming Kitten and other nation-state actors are using the coronavirus pandemic to their advantage, for espionage.

Spyware 91

Spyware Phishing Government Malware 91

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 101

Spyware Surveillance Identity Theft DDOS 101

SecureList

APRIL 27, 2021

We investigated a long-running espionage campaign, dubbed A41APT, targeting multiple industries, including the Japanese manufacturing industry and its overseas bases, which has been active since March 2019.

Malware 139

Malware Spyware Government Social Engineering 139

Security Boulevard

JUNE 15, 2023

Many espionage-focused threat groups operate stealer families for pilfering information from target networks. Data stolen from the infected system is labeled with specific binary tags that identify the type of information when it is sent to the C2 server. Stealers also bridge the realms of criminal and nation-state focus.

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

ForAllSecure

AUGUST 14, 2019

BGR says the price tag for Pegasus is in the range of millions of dollars. Its apparent goal is espionage directed against the financial and energy sectors. Reports suggest that smishing is one possible attack vector for the spyware. Dave Bittner: [00:03:09] This isn't a commodity attack tool. Pegasus is pricey.

Energy and Utilities 52

Energy and Utilities Penetration Testing Government Education 52

Security Affairs

NOVEMBER 20, 2023

APT29 along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections. Google TAG experts also observed the Russia-linked ATP28 group exploiting the flaw in attacks against Ukraine users.

Hacking 109

Hacking Phishing Malware Cybersecurity 109

ForAllSecure

AUGUST 14, 2019

BGR says the price tag for Pegasus is in the range of millions of dollars. Its apparent goal is espionage directed against the financial and energy sectors. Reports suggest that smishing is one possible attack vector for the spyware. Dave Bittner: [00:03:09] This isn't a commodity attack tool. Pegasus is pricey.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40

ForAllSecure

AUGUST 14, 2019

BGR says the price tag for Pegasus is in the range of millions of dollars. Its apparent goal is espionage directed against the financial and energy sectors. Reports suggest that smishing is one possible attack vector for the spyware. Dave Bittner: [00:03:09] This isn't a commodity attack tool. Pegasus is pricey.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40